Computer Science Module: Network Security

Questions and Answers

What is the main purpose of network security?

To eliminate all internet access

To reduce the cost of network maintenance

To protect vital information while allowing access to authorized users (correct)

To make networks faster

Which of the following describes a firewall?

A system that allows unrestricted access to network resources

Software that only protects wireless networks

An access control mechanism limiting communication based on rules (correct)

A device that completely blocks all incoming and outgoing traffic

What is one potential drawback of using a firewall?

Creates a single point of access that can become a target (correct)

Eliminates the need for all other security measures

Automatically updates security protocols without intervention

Increases network speed significantly

What form of authentication can be used to improve network security?

Biometric systems (B)

What do packet filtering firewalls primarily do?

They filter packets based on predefined rules (A)

Which of the following is NOT a common security attack mentioned?

Database Programming (C)

Which statement about firewalls is incorrect?

Firewalls are always ineffective against all types of attacks. (C)

How is the reliability of resource availability typically guaranteed in a secure network?

By maintaining an uptime of 99.995% (C)

What is the purpose of well-known port numbers?

To identify specific service types on a host (A)

Which of the following protocols uses TCP port 22?

Secure Shell (SSH) (A)

What type of attack is characterized by overloading a server to make a network service unusable?

Denial of Service (C)

Which of the following best describes a dictionary attack?

Brute forcing passwords using a predetermined list (C)

What is a key characteristic of packet sniffing?

It involves listening to plain text data on a network. (C)

Which protocol is commonly used to secure HTTP communications?

Transport Layer Security (TLS) (A)

What might be a common tactic employed in social engineering attacks?

Manipulating individuals to reveal confidential information (C)

Which service commonly uses TCP port 80?

Hypertext Transfer Protocol (HTTP) (A)

What is the primary function of well-known port numbers in a network?

To identify specific service types on a host (A)

Which of the following ports is associated with the Hypertext Transfer Protocol (HTTP)?

80 (D)

What is a characteristic of a denial of service attack?

It attempts to make a network service unusable. (C)

How does packet sniffing primarily compromise network security?

By listening to data transmitted in plain text. (C)

Which of the following protocols is commonly used to secure IP communications?

IPsec (B)

What role do Intrusion Detection Systems (IDS) serve in network security?

They monitor for suspicious activity. (A)

Which port is typically used for Secure Shell (SSH) connections?

22 (D)

What does a dictionary attack exploit to gain unauthorized access?

Patterns of common usernames and passwords (A)

What is a potential threat posed by social engineering?

Manipulating individuals into revealing information (B)

Which type of attack relies on creating false IP packets that rely on destination address alone?

TCP attacks (C)

What is a primary concern of network security?

To protect vital information and ensure accessibility (B)

What type of firewall filters packets based on predefined rules?

Packet filtering firewalls (D)

Which of the following is a primary function of firewalls?

To limit access to end hosts (D)

Why is it important to keep firewalls up to date?

To address newly discovered vulnerabilities (A)

What characterizes Denial of Service (DoS) attacks?

They aim to make a network service unavailable (D)

What is an example of access control in network security?

Utilizing biometric authentication methods (C)

Which system might incorporate a built-in firewall function?

Unix systems (C)

What type of information should be protected by network security measures?

Trade secrets and personal data (B)

What is one potential risk of having only one point of access into a network as provided by a firewall?

Increased vulnerability to attacks at that point (A)

Which of the following best describes packet sniffing?

Interception of data packets traveling over a network (D)

What is a key benefit of using firewalls in a network?

They limit access to end hosts based on rules. (B)

Which of the following is a drawback of firewalls in network security?

They can create single points of failure in a network. (D)

What differentiates packet filtering firewalls from other types?

They filter packets based on specific rules set by administrators. (A)

Which of these is primarily targeted in Social Engineering attacks?

End-user behaviors and trust. (B)

What is a common characteristic of Denial of Service (DoS) attacks?

They overwhelm a service, making it unavailable to legitimate users. (C)

What is the role of intrusion detection systems (IDS) in network security?

They monitor network traffic for suspicious activities. (B)

How do firewalls maintain their effectiveness over time?

Administrators regularly update the firewall configurations. (B)

Which communication protocols typically rely on port numbers for their operation?

Both TCP and UDP protocols. (A)

What type of attack involves monitoring network traffic to capture unencrypted data, such as passwords?

Packet Sniffing (D)

Which of the following port numbers is associated with the Post Office Protocol (POP3)?

110 (C)

What is the main purpose of a Denial of Service (DoS) attack?

To make network services unavailable (D)

Which protocol is commonly associated with TCP port 443 for secure web communications?

HTTPS (B)

Which type of social engineering involves tricking individuals into revealing sensitive information?

Phishing (B)

What can be a consequence of a successful dictionary attack?

Unauthorized access to accounts (C)

What is one method for securing data transmitted over the Internet to prevent packet sniffing?

Implementing SSL/TLS (C)

What type of monitoring system is designed to detect suspicious activity on a network?

Intrusion Detection System (IDS) (C)

Study Notes

International & Access Foundation Programmes

• Computer Science Module, Semester 2, Part 5: Networks - Network Security

Overview

• What is network security?
• Why is network security needed?
• Who is vulnerable?
• Common security attacks and countermeasures
  • Firewalls & Intrusion Detection Systems
  • Denial of Service Attacks
  • TCP Attacks (Spoofing)
  • Packet Sniffing
  • Social Engineering

Why do we need security?

• Protect vital information while allowing access to those who need it
  • Trade secrets, medical records, personal data etc.
• Provide authentication and access control for resources
  • Login, Passwords, Biometrics
• Guarantee availability of resources
  • Uptime 99.995% reliability

Firewalls

• Basic problem: many network applications and protocols have security problems that are fixed over time

• Difficult for users to keep up with changes and keep host secure

• Solution: Administrators limit access to end hosts by using a firewall

  • Firewall is kept up-to-date by administrators

• Firewall is like a castle with a drawbridge: only one point of access into the network

  • This can have positives and negatives
  • Can be hardware or software
  • Some routers come with firewall functionality
    • Unix systems, Windows XP/7/8 and Mac OS X have built-in software firewalls

• Diagram shows the firewall's position between the Internet and Intranet, with a DMZ (Demilitarized Zone) in between for servers.

  • Data flows from Internet, through a Firewall, then to the DMZ, and to the Intranet.

• Used to filter packets based on rules

• These are called packet filtering firewalls

• There are other types too, but they will not be discussed.

• Windows 7 default installation shows specific open ports.

Ports

• In the internet protocol suite, a port is an endpoint of communication in an operating system
• 1024 well-known port numbers are reserved to identify specific service types on a host
• A port is always associated with an IP address of a host
• Examples include: http://www.example.com:8080, http://72.56.123.233:80/
• List of registered ports

Typical TCP Ports

• 21: File Transfer Protocol (FTP)
• 22: Secure Shell (SSH)
• 23: Telnet remote login service
• 25: Simple Mail Transfer Protocol (SMTP)
• 53: Domain Name System (DNS) service
• 80: Hypertext Transfer Protocol (HTTP) – used in the World Wide Web
• 110: Post Office Protocol (POP3)
• 119: Network News Transfer Protocol (NNTP)
• 123: Network Time Protocol (NTP)
• 143: Internet Message Access Protocol (IMAP)
• 161: Simple Network Management Protocol (SNMP)
• 194: Internet Relay Chat (IRC)
• 443: HTTP Secure (HTTPS)

Types of Attack

• Intrusion Detection
  • Used to monitor for "suspicious activity" on a network.
  • Based on well-known patterns of behavior.
• Dictionary Attack - Brute Force
  • Dictionary attack on passwords.
• Denial of Service
  • Makes a network service unusable by overloading the server or network.
• TCP Attacks
  • Create IP packets and routers process them based on destination address alone
  • End hosts may lie about other fields which do not affect delivery
  • Attacker can insert malicious data into the TCP stream, and the recipient will believe it came from the original source.
• Packet Sniffing
  • Affects any broadcast-based medium (cable, wifi, etc.)
  • A host listens to the data (plain text data – passwords).
  • Solution: encrypt the data using Secure Sockets Layer (SSL) for https addresses
  • Web browsers know how to trust HTTPS websites based on certificate authorities.
  • IPSec - Internet Protocol Security (a protocol suite for securing Internet communications by authenticating and encrypting IP packets).
• Social Engineering
  • People can be just as dangerous as unprotected computer systems.
  • People can be lied to, manipulated, bribed, threatened, harmed, tortured, etc. to give up valuable information.

Description

Explore the essential concepts of Network Security in this Computer Science Module. Understand the importance of safeguarding vital information from various attacks and learn about various security measures like firewalls and intrusion detection systems. This quiz also covers vulnerabilities and strategies for maintaining resource availability.